Tag Archives: preemptive strikes cyberattacks

The Under-the-Hood Cyberattacks

Leave a reply

The Biden administration sanctioned a Chinese company in January 2025  it said was behind the vast cyber intrusions into U.S. telecommunications networks that swept up phone calls of scores of U.S. government officials as well as those of incoming President Donald Trump.

The U.S. Treasury Department said that Sichuan Juxinhe Network Technology Co. was directly involved in the deep compromises of the telecommunications firms, which U.S. officials and lawmakers have said is a historically damaging espionage campaign carried out on behalf of the Chinese government. The firm is based in the Sichuan province of China and advertises itself as a technology-services and cybersecurity company.

Separately, U.S. authorities sanctioned a Shanghai-based hacker, Yin Kecheng, whom they allege was involved in an unrelated breach of sensitive systems within the Treasury Department itself. Neither Sichuan Juxinhe nor Yin Kecheng could immediately be reached for comment.

The sanctions… are the most direct public response to the telecom hacks, which were first revealed by The Wall Street Journal in 2024 and have been attributed to a hacking group dubbed Salt Typhoon. The sanctions will block U.S. transactions with Sichuan Juxinhe and allow for the seizure of any property or interests the firm has within the U.S. It couldn’t be immediately established whether the firm, for which little information was available online, had any U.S.-held assets or property.

Hackers compromised at least nine American telecommunications firms, scooping up enormous amounts of call-log data and the unencrypted texts and call audio from several dozen specific high-value targets. They also accessed wiretap-surveillance systems at victim companies Verizon Communications and AT&T in an apparent effort to learn how much the FBI and others understood about Beijing’s spies operating in the U.S. and internationally, according to investigators.

In the Treasury Department hack, China is believed to have accessed unclassified files located on compromised work computers of a range of senior officials, including Secretary Janet Yellen… The intrusion occurred through a hacked third-party software vendor called BeyondTrust, which was able to remotely access virtually any Treasury work computer, the people said. The department’s sanctions office itself—the same one that imposed penalties—was breached in the hack, as were other offices that possess sensitive nonpublic information. 

Excerpt from The U.S. Sanctions Beijing Firm Behind Major ‘Salt Typhoon’ Telecom Hacks, WSJ, Jan. 17, 2025

Sinophobia or Rational Paranoia: the Cranes

Leave a reply

The Biden administration plans to invest billions in 2024 in the domestic manufacturing of cargo cranes, seeking to counter fears that the prevalent use of China-built cranes with advanced software at many U.S. ports poses a potential national-security risk. The move is part of a set of actions taken by the administration that is intended to improve maritime cybersecurity….Administration officials said more than $20 billion would be invested in port security, including domestic cargo-crane production, over the next five years. The money, tapped from the $1 trillion bipartisan infrastructure bill passed in 2021, would support a U.S. subsidiary of  Mitsui, a Japanese company, to produce the cranes, which officials said would be the first time in 30 years that they would be built domestically.

Cranes at some ports used by the U.S. military were flagged as surveillance threats. Officials also raised the concern that the software on the cranes could be manipulated by China to impede American shipping or, worse, temporarily disrupt the operation of the crane.  “By design these cranes may be controlled, serviced and programmed from remote locations,” said Rear Adm. John Vann, who leads the Coast Guard cyber command, during a press briefing….

The U.S. military has been concerned about the cranes for years and has made efforts to skirt ports with the China-made cranes as best as possible, according to the senior U.S. military commander who oversees the military’s logistics operations.The Chinese can track the origin, destination and other data of the U.S. military’s containerized materiel to determine exactly where the military is shipping it, Cranes made by China-based ZPMC contain sensors that can register and track the origin and destination of containers…

China’s military doctrine gives priority to targeting “systems that move enemy troops,” including harbors and airports, Craig Singleton, a senior fellow at the Foundation for Defense of Democracies, a Washington think tank, said during congressional testimony in February 2023…“Increasingly, the Chinese are not merely seeking access to our networks; they are pre-emptively positioning to compromise and control them,” Singleton said in his testimony. “As a result, China is poised to impede the mobilization of American military forces, foment a state of disarray, and redirect national attention and resources in both war and short-of-war scenarios.”

Excerpts from Dustin Volz, U.S. to Invest Billions to Replace China-Made Cranes at Nation’s Ports, WSJ, Feb. 21, 2024